Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/31991a-bdb8-4b5b-ae5d-b29812c3e465/1/haFxmEplesatplQxfCjMgKAGx-w.roa
File: haFxmEplesatplQxfCjMgKAGx-w.roa (raw, json)
Hash identifier: 8dF57wkEF3zvfWpMJNNT2LtVTE2DN/jEVKaw7JUHQeY=
Subject key identifier: 85:A1:71:98:4A:65:7A:C6:AD:A6:54:31:7C:28:CC:80:A0:06:C7:EC
Certificate issuer: /CN=ae0a5a1b38617cc161f60613d98e179b5360c054
Certificate serial: 018CC493144B03E543B2A9894A9840A0601F
Authority key identifier: AE:0A:5A:1B:38:61:7C:C1:61:F6:06:13:D9:8E:17:9B:53:60:C0:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rgpaGzhhfMFh9gYT2Y4Xm1NgwFQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/31991a-bdb8-4b5b-ae5d-b29812c3e465/1/haFxmEplesatplQxfCjMgKAGx-w.roa
Signing time: Mon 01 Jan 2024 10:30:22 +0000
ROA not before: Mon 01 Jan 2024 10:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20825
IP address blocks: 192.109.211.0/24 maxlen: 24
192.109.212.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:14:4b:03:e5:43:b2:a9:89:4a:98:40:a0:60:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae0a5a1b38617cc161f60613d98e179b5360c054
Validity
Not Before: Jan 1 10:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85a171984a657ac6ada654317c28cc80a006c7ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:55:28:88:66:88:ee:98:da:7b:80:ba:29:6f:
bb:94:99:5c:86:2d:dd:07:ac:4b:bf:cc:6f:50:29:
24:64:ac:5e:bf:bf:94:cb:19:03:36:e3:55:a7:db:
42:12:b2:5a:4b:6e:e9:f9:fd:cc:88:dc:c3:1a:5a:
aa:ce:55:95:2d:60:d2:7c:cd:10:1d:e6:f9:b2:3e:
7c:22:89:39:9c:94:b5:10:68:df:e0:91:02:b3:59:
4d:02:7d:89:90:1b:b6:00:9a:bc:21:d7:9f:e6:27:
ab:e2:56:62:eb:c3:73:12:b1:e7:a1:18:7b:59:5e:
e6:79:64:0b:4a:dd:89:ee:93:c1:f1:d9:c1:1d:b7:
23:09:15:9e:c9:8f:97:b0:00:22:8d:d2:6e:48:6e:
b9:d7:9c:b4:dc:87:c2:d5:63:13:14:79:b8:1f:2d:
ed:91:bb:5e:6b:47:73:d6:99:b3:ce:9a:82:df:f3:
85:d3:e3:c1:49:b3:95:27:9a:47:58:81:62:86:6f:
cf:30:67:45:40:bb:b3:39:b2:b0:35:49:96:5e:18:
7e:3a:bd:f4:6c:64:56:5d:72:6f:a1:a2:ad:e7:0f:
47:0a:cb:73:84:84:75:86:98:d1:a4:49:ff:eb:73:
eb:a1:64:cb:5b:f0:a5:58:c1:a1:9f:cc:7e:ed:da:
45:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:A1:71:98:4A:65:7A:C6:AD:A6:54:31:7C:28:CC:80:A0:06:C7:EC
X509v3 Authority Key Identifier:
keyid:AE:0A:5A:1B:38:61:7C:C1:61:F6:06:13:D9:8E:17:9B:53:60:C0:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rgpaGzhhfMFh9gYT2Y4Xm1NgwFQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/31991a-bdb8-4b5b-ae5d-b29812c3e465/1/haFxmEplesatplQxfCjMgKAGx-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/31991a-bdb8-4b5b-ae5d-b29812c3e465/1/rgpaGzhhfMFh9gYT2Y4Xm1NgwFQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.211.0-192.109.212.255
Signature Algorithm: sha256WithRSAEncryption
33:08:d6:ca:91:18:8b:30:81:cb:a7:64:5a:38:fe:6d:2c:ba:
3f:03:de:db:2c:07:9f:ab:ac:05:cb:55:f4:75:91:65:d4:8d:
d3:5f:7e:22:a9:37:27:d9:56:09:84:00:ef:d5:7c:72:d4:f8:
62:34:c4:45:a4:c7:f7:d0:63:46:e6:6b:82:08:88:94:94:5e:
88:97:9c:5b:da:08:78:e3:42:81:f1:37:72:f3:c5:74:6f:19:
7e:08:c8:32:f1:50:e7:c3:a5:67:3d:b2:11:bd:b8:8e:2f:f8:
ff:d8:b4:03:51:75:98:6f:e7:7d:e3:c0:d0:ee:34:29:2d:9e:
b5:77:c8:68:a8:0d:77:49:25:0e:55:2c:7c:96:8c:21:59:72:
00:14:dc:7f:0e:fd:0f:b7:fd:6a:5f:df:52:8a:48:26:08:04:
e2:da:1f:f6:26:db:0b:ba:6b:c4:7e:c9:87:dc:84:60:66:57:
ac:d7:b8:1e:78:bd:80:5d:5f:80:98:02:1a:df:61:2e:12:e2:
c9:78:b3:08:cb:d9:b2:17:38:fb:e5:d8:bb:5b:02:38:51:e5:
01:dd:72:76:04:e8:6b:76:59:df:7c:b5:3b:d7:4e:d7:96:fe:
3a:d5:be:de:7b:7e:a4:2e:9a:9e:4b:64:31:06:ca:22:12:b8:
8e:f7:ba:b1
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzEkxRLA+VDsqmJSphAoGAfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlMGE1YTFiMzg2MTdjYzE2MWY2MDYxM2Q5OGUxNzliNTM2
MGMwNTQwHhcNMjQwMTAxMTAzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWExNzE5ODRhNjU3YWM2YWRhNjU0MzE3YzI4Y2M4MGEwMDZjN2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1UoiGaI7pjae4C6KW+7lJlchi3d
B6xLv8xvUCkkZKxev7+UyxkDNuNVp9tCErJaS27p+f3MiNzDGlqqzlWVLWDSfM0Q
Heb5sj58Iok5nJS1EGjf4JECs1lNAn2JkBu2AJq8Idef5ier4lZi68NzErHnoRh7
WV7meWQLSt2J7pPB8dnBHbcjCRWeyY+XsAAijdJuSG6515y03IfC1WMTFHm4Hy3t
kbtea0dz1pmzzpqC3/OF0+PBSbOVJ5pHWIFihm/PMGdFQLuzObKwNUmWXhh+Or30
bGRWXXJvoaKt5w9HCstzhIR1hpjRpEn/63ProWTLW/ClWMGhn8x+7dpFTQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIWhcZhKZXrGraZUMXwozICgBsfsMB8GA1UdIwQY
MBaAFK4KWhs4YXzBYfYGE9mOF5tTYMBUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmdwYUd6aGhmTUZoOWdZVDJZNFhtMU5nd0ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zMTk5MWEtYmRiOC00YjViLWFlNWQt
YjI5ODEyYzNlNDY1LzEvaGFGeG1FcGxlc2F0cGxReGZDak1nS0FHeC13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zMTk5MWEtYmRiOC00YjViLWFlNWQtYjI5ODEyYzNlNDY1
LzEvcmdwYUd6aGhmTUZoOWdZVDJZNFhtMU5nd0ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADAbdMD
BADAbdQwDQYJKoZIhvcNAQELBQADggEBADMI1sqRGIswgcunZFo4/m0suj8D3tss
B5+rrAXLVfR1kWXUjdNffiKpNyfZVgmEAO/VfHLU+GI0xEWkx/fQY0bma4IIiJSU
XoiXnFvaCHjjQoHxN3LzxXRvGX4IyDLxUOfDpWc9shG9uI4v+P/YtANRdZhv533j
wNDuNCktnrV3yGioDXdJJQ5VLHyWjCFZcgAU3H8O/Q+3/Wpf31KKSCYIBOLaH/Ym
2wu6a8R+yYfchGBmV6zXuB54vYBdX4CYAhrfYS4S4sl4swjL2bIXOPvl2LtbAjhR
5QHdcnYE6Gt2Wd98tTvXTteW/jrVvt57fqQump5LZDEGyiISuI73urE=
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:42:20 2025 by rpki-client